Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2025-3640
A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and profile image URL, of other users they did not have permission to access.
| Software | From | Fixed in |
|---|---|---|
moodle / moodle
|
- | 4.1.18 |
|
moodle / moodle
|
4.3.0-beta | 4.3.12 |
|
moodle / moodle
|
4.4.0-beta | 4.4.8 |
|
moodle / moodle
|
4.5.0-beta | 4.5.4 |
| moodle / moodle | 4.3.0 | 4.3.12 |
| moodle / moodle | 4.4.0 | 4.4.8 |
| moodle / moodle | 4.5.0 | 4.5.4 |
| moodle / moodle | - | 4.1.18 |